I’m using service managed permission to create_stack_instances for an OU, filtered by intersection of a list of accounts and when i run the command, it gives me an error, Can someone please tell me what’s wrong with my code here?
-
error via cli
Parameter validation failed:
Unknown parameter in DeploymentTargets: "AccountFilterType", must be one of: Accounts, AccountsUrl, OrganizationalUnitIds -
error via lambda
[ERROR] ParamValidationError: Parameter validation failed:
Unknown parameter in DeploymentTargets: "AccountFilterType", must be one of: Accounts, AccountsUrl, OrganizationalUnitIds -
lambda code:
def add_stack_to_stackset(StackSetName, accountid):
response = CF.create_stack_instances( StackSetName=StackSetName, DeploymentTargets={ 'OrganizationalUnitIds': ['ou-blah'], 'Accounts': [accountid], 'AccountFilterType': 'INTERSECTION' }, Regions=['us-east-1'] ) op_id = response['OperationId'] return op_id -
cli code
aws cloudformation create-stack-instances –stack-set-name demo –deployment-targets OrganizationalUnitIds=ou-blah,Accounts=12345,AccountFilterType=INTERSECTION –regions us-east-1
2
Answers
Sometimes
ValidationErrorsare just bugs or occur when you are using an old version of boto3 – for example, in the newest version of boto3INTERSECTIONis a valid parameter (if you are using this version then it is a bug…).You can always disable request validation:
I had similar issue, but with aws cli. Upgrading to aws cli v2 resolved it. So I’d suspect the same problem with boto3. Using latest version should get this working.